mofd.dll - Online Dependency Analysis & Download - DLLView

mofd.dll

Description: WMI

Authors: © Microsoft Corporation. All rights reserved.

Version: 10.0.19041.4474

Architecture: 64-bit

Operating System: Windows NT

SHA256: b5b786c99df29ae2e7b77fdb7c36b883

File Size: 259.5 KB

Uploaded At: Dec. 1, 2025, 7:51 a.m.

Views: 6

Security Warning

This file has been flagged as potentially dangerous.

Reason: Detected potentially dangerous functions used for process injection: OpenProcess

Exported Functions

CompileFileViaDLL (Ordinal: 1, Address: 0x27560)
CreateBMOFViaDLL (Ordinal: 2, Address: 0x27810)
DllCanUnloadNow (Ordinal: 3, Address: 0xbf30)
DllGetClassObject (Ordinal: 4, Address: 0xbd10)
DllRegisterServer (Ordinal: 5, Address: 0xbfa0)
DllUnregisterServer (Ordinal: 6, Address: 0xc070)

Imported DLLs & Functions

api-ms-win-core-console-l1-1-0.dll

GetConsoleOutputCP (Address: 0x18002f620)

api-ms-win-core-debug-l1-1-0.dll

DebugBreak (Address: 0x18002f630)
OutputDebugStringA (Address: 0x18002f638)

api-ms-win-core-delayload-l1-1-0.dll

DelayLoadFailureHook (Address: 0x18002f648)

api-ms-win-core-delayload-l1-1-1.dll

ResolveDelayLoadedAPI (Address: 0x18002f658)

api-ms-win-core-errorhandling-l1-1-0.dll

GetLastError (Address: 0x18002f678)
RaiseException (Address: 0x18002f668)
SetUnhandledExceptionFilter (Address: 0x18002f680)
UnhandledExceptionFilter (Address: 0x18002f670)

api-ms-win-core-file-l1-1-0.dll

CreateFileW (Address: 0x18002f690)
DeleteFileW (Address: 0x18002f6a0)
GetFullPathNameW (Address: 0x18002f6a8)
GetTempFileNameW (Address: 0x18002f6c0)
ReadFile (Address: 0x18002f6b0)
SetFilePointer (Address: 0x18002f6b8)
WriteFile (Address: 0x18002f698)

api-ms-win-core-file-l1-2-0.dll

GetTempPathW (Address: 0x18002f6d0)

api-ms-win-core-handle-l1-1-0.dll

CloseHandle (Address: 0x18002f6e0)

api-ms-win-core-heap-l2-1-0.dll

LocalFree (Address: 0x18002f6f0)

api-ms-win-core-libraryloader-l1-2-0.dll

DisableThreadLibraryCalls (Address: 0x18002f748)
FindResourceExW (Address: 0x18002f740)
FreeLibrary (Address: 0x18002f700)
GetModuleFileNameW (Address: 0x18002f718)
GetModuleHandleW (Address: 0x18002f720)
GetProcAddress (Address: 0x18002f710)
LoadLibraryExW (Address: 0x18002f708)
LoadResource (Address: 0x18002f730)
LoadStringW (Address: 0x18002f738)
SizeofResource (Address: 0x18002f728)

api-ms-win-core-localization-l1-2-0.dll

LCMapStringW (Address: 0x18002f758)

api-ms-win-core-processenvironment-l1-1-0.dll

ExpandEnvironmentStringsW (Address: 0x18002f768)
GetStdHandle (Address: 0x18002f770)

api-ms-win-core-processthreads-l1-1-0.dll

CreateProcessW (Address: 0x18002f798)
GetCurrentProcess (Address: 0x18002f790)
GetCurrentProcessId (Address: 0x18002f788)
GetCurrentThread (Address: 0x18002f7a0)
GetCurrentThreadId (Address: 0x18002f7b0)
OpenProcessToken (Address: 0x18002f7b8)
OpenThreadToken (Address: 0x18002f7a8)
TerminateProcess (Address: 0x18002f780)

api-ms-win-core-processthreads-l1-1-1.dll

OpenProcess (Address: 0x18002f7c8)

api-ms-win-core-profile-l1-1-0.dll

QueryPerformanceCounter (Address: 0x18002f7d8)

api-ms-win-core-registry-l1-1-0.dll

RegCloseKey (Address: 0x18002f828)
RegCreateKeyExW (Address: 0x18002f810)
RegDeleteKeyExW (Address: 0x18002f818)
RegDeleteValueW (Address: 0x18002f800)
RegEnumKeyExW (Address: 0x18002f7f0)
RegOpenKeyExW (Address: 0x18002f820)
RegQueryInfoKeyW (Address: 0x18002f7e8)
RegQueryValueExW (Address: 0x18002f808)
RegSetValueExW (Address: 0x18002f7f8)

api-ms-win-core-rtlsupport-l1-1-0.dll

RtlCaptureContext (Address: 0x18002f848)
RtlLookupFunctionEntry (Address: 0x18002f838)
RtlVirtualUnwind (Address: 0x18002f840)

api-ms-win-core-string-l1-1-0.dll

CompareStringW (Address: 0x18002f858)
GetStringTypeExW (Address: 0x18002f868)
MultiByteToWideChar (Address: 0x18002f870)
WideCharToMultiByte (Address: 0x18002f860)

api-ms-win-core-string-l2-1-0.dll

CharLowerBuffW (Address: 0x18002f888)
CharNextW (Address: 0x18002f880)

api-ms-win-core-string-obsolete-l1-1-0.dll

lstrcmpiW (Address: 0x18002f8a0)
lstrcmpW (Address: 0x18002f898)

api-ms-win-core-synch-l1-1-0.dll

AcquireSRWLockExclusive (Address: 0x18002f8b0)
DeleteCriticalSection (Address: 0x18002f8c8)
EnterCriticalSection (Address: 0x18002f8d0)
InitializeCriticalSection (Address: 0x18002f8c0)
LeaveCriticalSection (Address: 0x18002f8b8)
ReleaseSRWLockExclusive (Address: 0x18002f8d8)

api-ms-win-core-synch-l1-2-0.dll

Sleep (Address: 0x18002f8e8)
SleepConditionVariableSRW (Address: 0x18002f8f8)
WakeAllConditionVariable (Address: 0x18002f8f0)

api-ms-win-core-sysinfo-l1-1-0.dll

GetSystemDirectoryW (Address: 0x18002f918)
GetSystemTimeAsFileTime (Address: 0x18002f920)
GetTickCount (Address: 0x18002f910)
GetVersionExW (Address: 0x18002f908)

api-ms-win-eventing-classicprovider-l1-1-0.dll

GetTraceEnableFlags (Address: 0x18002f948)
GetTraceEnableLevel (Address: 0x18002f940)
GetTraceLoggerHandle (Address: 0x18002f930)
RegisterTraceGuidsW (Address: 0x18002f950)
TraceMessage (Address: 0x18002f938)
UnregisterTraceGuids (Address: 0x18002f958)

api-ms-win-security-base-l1-1-0.dll

AdjustTokenPrivileges (Address: 0x18002f970)
ImpersonateSelf (Address: 0x18002f978)
RevertToSelf (Address: 0x18002f968)

msvcrt.dll

__C_specific_handler (Address: 0x18002fb60)
__CxxFrameHandler3 (Address: 0x18002fa68)
__dllonexit (Address: 0x18002fb30)
_amsg_exit (Address: 0x18002faa8)
_close (Address: 0x18002f9f0)
_CxxThrowException (Address: 0x18002fa20)
_errno (Address: 0x18002f9d0)
_initterm (Address: 0x18002fab0)
_lock (Address: 0x18002fb68)
_onexit (Address: 0x18002fb28)
_open (Address: 0x18002f9e0)
_purecall (Address: 0x18002fad8)
_resetstkoflw (Address: 0x18002faf0)
_ui64tow_s (Address: 0x18002fa38)
_unlock (Address: 0x18002fb38)
_vsnwprintf (Address: 0x18002fb50)
_waccess (Address: 0x18002fa88)
_wcsdup (Address: 0x18002f998)
_wcserror (Address: 0x18002fa80)
_wcsicmp (Address: 0x18002fb10)
_wcsnicmp (Address: 0x18002fb00)
_wfopen (Address: 0x18002fab8)
_wfullpath (Address: 0x18002faa0)
_write (Address: 0x18002f9e8)
_wsplitpath_s (Address: 0x18002f9b8)
_wtoi (Address: 0x18002f9a0)
_wtol (Address: 0x18002f9a8)
_XcptFilter (Address: 0x18002fa50)
??0exception@@QEAA@AEBQEBD@Z (Address: 0x18002f9b0)
??0exception@@QEAA@AEBQEBDH@Z (Address: 0x18002fa00)
??0exception@@QEAA@AEBV0@@Z (Address: 0x18002fa08)
??1exception@@UEAA@XZ (Address: 0x18002fa10)
??1type_info@@UEAA@XZ (Address: 0x18002fae8)
?terminate@@YAXXZ (Address: 0x18002fad0)
?what@exception@@UEBAPEBDXZ (Address: 0x18002fa18)
calloc (Address: 0x18002fac0)
fclose (Address: 0x18002fa70)
ferror (Address: 0x18002fa58)
fread (Address: 0x18002fa60)
free (Address: 0x18002fb58)
fseek (Address: 0x18002fa90)
ftell (Address: 0x18002fa78)
fwrite (Address: 0x18002f9f8)
iswspace (Address: 0x18002fb20)
iswxdigit (Address: 0x18002f9d8)
malloc (Address: 0x18002fae0)
mbstowcs (Address: 0x18002fa48)
memcmp (Address: 0x18002fb08)
memcpy (Address: 0x18002fa28)
memcpy_s (Address: 0x18002fb48)
memmove (Address: 0x18002fa30)
memset (Address: 0x18002fb70)
printf (Address: 0x18002f990)
realloc (Address: 0x18002fa98)
swscanf (Address: 0x18002f9c0)
towupper (Address: 0x18002f9c8)
wcschr (Address: 0x18002fb18)
wcsncmp (Address: 0x18002fb40)
wcsncpy_s (Address: 0x18002fa40)
wcsrchr (Address: 0x18002faf8)
wcstok (Address: 0x18002fac8)
wcstombs (Address: 0x18002f988)

wbemcomn.dll

_ThrowMemoryException_ (Address: 0x18002fd00)
??0CFlexArray@@QEAA@HH@Z (Address: 0x18002fc58)
??0CMRCICompression@@QEAA@XZ (Address: 0x18002fc38)
??0Registry@@QEAA@PEBGK@Z (Address: 0x18002fc08)
??0WString@@QEAA@PEBG@Z (Address: 0x18002fc88)
??0WString@@QEAA@XZ (Address: 0x18002fc28)
??1CFlexArray@@QEAA@XZ (Address: 0x18002fc60)
??1CMRCICompression@@QEAA@XZ (Address: 0x18002fc70)
??1CVar@@QEAA@XZ (Address: 0x18002fcb8)
??1Registry@@QEAA@XZ (Address: 0x18002fc10)
??4WString@@QEAAAEAV0@PEBG@Z (Address: 0x18002fbd8)
?AddEnvironmentValue@CWbemInstallObject@@SAJPEBG0@Z (Address: 0x18002fb80)
?CleanUp@CWbemInstallObject@@SAXXZ (Address: 0x18002fbd0)
?CoCreateInstance@CWbemInstallObject@@SAJAEBU_GUID@@PEAUIUnknown@@K0PEAPEAX@Z (Address: 0x18002fc30)
?DeleteString@WString@@AEAAXPEAG@Z (Address: 0x18002fcf8)
?ExpandEnvironmentStringsW@CWbemInstallObject@@SAKPEBGPEAGK@Z (Address: 0x18002fc48)
?FlushRepository@CWbemInstallObject@@SAJXZ (Address: 0x18002fbc8)
?GetAt@CFlexArray@@QEBAPEAXH@Z (Address: 0x18002fc68)
?GetMultiStr@Registry@@QEAAPEAGPEBGAEAK@Z (Address: 0x18002fc18)
?GetRepositoryFolder@CWbemInstallObject@@SAPEBGXZ (Address: 0x18002fc50)
?GetText@CVar@@QEAAPEAGJJPEBG@Z (Address: 0x18002fcc0)
?Init@CVar@@AEAAXXZ (Address: 0x18002fca8)
?InsertAt@CFlexArray@@QEAAHHPEAX@Z (Address: 0x18002fcc8)
?IsOffline@CWbemInstallObject@@SA_NXZ (Address: 0x18002fd18)
?LocaleName_To_LCID@CMUILocale@@SAJPEBGPEA_NPEAK@Z (Address: 0x18002fca0)
?Mrci1Decompress@CBaseMrciCompression@@QEAAIPEAEI0I@Z (Address: 0x18002fc40)
?Mrci1MaxCompress@CBaseMrciCompression@@QEAAIPEAEI0I@Z (Address: 0x18002fcd8)
?ms_XXX_Locale_To_LCID@CMUILocale@@SAJPEBGPEAK@Z (Address: 0x18002fc98)
?RemoveAt@CFlexArray@@QEAAHH@Z (Address: 0x18002fcd0)
?SetAutoRecoverFolder@CWbemInstallObject@@SAXPEBG@Z (Address: 0x18002fba8)
?SetBinaryPath@CWbemInstallObject@@SAXPEBG@Z (Address: 0x18002fb98)
?SetMultiStr@Registry@@QEAAHPEBGPEAGK@Z (Address: 0x18002fc20)
?SetOffline@CWbemInstallObject@@SAX_N@Z (Address: 0x18002fb90)
?SetRegistryPathCIMOM@CWbemInstallObject@@SAXPEBG@Z (Address: 0x18002fbb8)
?SetRegistryPathWbem@CWbemInstallObject@@SAXPEBG@Z (Address: 0x18002fbb0)
?SetRepositoryFolder@CWbemInstallObject@@SAXPEBG@Z (Address: 0x18002fba0)
?SetStr@Registry@@QEAAHPEBG0@Z (Address: 0x18002fce0)
?SetVariant@CVar@@QEAAHPEAUtagVARIANT@@H@Z (Address: 0x18002fcb0)
?Shutdown@CWbemInstallObject@@SAXXZ (Address: 0x18002fb88)
?WbemMemAlloc@CWin32DefaultArena@@SAPEAX_K@Z (Address: 0x18002fd10)
?WbemMemFree@CWin32DefaultArena@@SAHPEAX@Z (Address: 0x18002fd08)
?Write@CMemoryLog@@QEAAXJ@Z (Address: 0x18002fcf0)
bAreWeLocal (Address: 0x18002fc80)
CopyFileToAutorecover (Address: 0x18002fc00)
ExtractMachineName (Address: 0x18002fc78)
GetMemLogObject (Address: 0x18002fce8)
RegisterDLL (Address: 0x18002fbe0)
RegisterDllAppid (Address: 0x18002fbe8)
RemoveFileFromAutoRecoverFolder (Address: 0x18002fbc0)
UnRegisterDLL (Address: 0x18002fbf0)
UnregisterDllAppid (Address: 0x18002fbf8)
WbemVariantChangeType (Address: 0x18002fc90)